81678fc921334c576373a12e4a6f2b7d2c52bc17b4ba8c4830bf644df42feb19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

384f3147b9f7bdc7d2d75b29f673ab30_NeikiAnalytics
Size

54KB
Sample

240511-zndmasgf4y
MD5

384f3147b9f7bdc7d2d75b29f673ab30
SHA1

d0e580e3ce0a8f009c89d0a0a2e8efd0357926bb
SHA256

81678fc921334c576373a12e4a6f2b7d2c52bc17b4ba8c4830bf644df42feb19
SHA512

ef5370414190da9f5c895859223ca099d2b61335123b362091e79452d2caed2137213c74be935330611067877cf87d9c956dccb3bc9959c14e9176328943f305
SSDEEP

768:MApQr0ovdFJI34eGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENREMZ7N:MAaDJlMsh7pWezEPJB+OZ

Score

7^/10

Malware Config

Targets

- Target
  
  384f3147b9f7bdc7d2d75b29f673ab30_NeikiAnalytics
- Size
  
  54KB
- MD5
  
  384f3147b9f7bdc7d2d75b29f673ab30
- SHA1
  
  d0e580e3ce0a8f009c89d0a0a2e8efd0357926bb
- SHA256
  
  81678fc921334c576373a12e4a6f2b7d2c52bc17b4ba8c4830bf644df42feb19
- SHA512
  
  ef5370414190da9f5c895859223ca099d2b61335123b362091e79452d2caed2137213c74be935330611067877cf87d9c956dccb3bc9959c14e9176328943f305
- SSDEEP
  
  768:MApQr0ovdFJI34eGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENREMZ7N:MAaDJlMsh7pWezEPJB+OZ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2